{"type":"video","version":"1.0","html":"<iframe src=\"https://www.loom.com/embed/5ea6358bd1654808ab43259ac1df08ed\" frameborder=\"0\" width=\"1114\" height=\"835\" webkitallowfullscreen mozallowfullscreen allowfullscreen></iframe>","height":835,"width":1114,"provider_name":"Loom","provider_url":"https://www.loom.com","thumbnail_height":835,"thumbnail_width":1114,"thumbnail_url":"https://cdn.loom.com/sessions/thumbnails/5ea6358bd1654808ab43259ac1df08ed-1b968c079b69b470.gif","duration":282.6234,"title":"Solving Indirect Prompt Injection Risks in NLWeb MCPs 🌐","description":"In this video, I demonstrate a serious issue of indirect prompt injection using NLWeb, which can vectorize website content for easy searching. I showcase a simple Shopify website where I've hidden a prompt injection attack that can lead to the leakage of sensitive information, such as a user's secret key. Our solution involves a program that scans connected MCP tools to identify potential data exfiltration paths and a guardrailing engine that allows users to create policies to block such attacks. I encourage viewers, especially sysadmins and security personnel, to consider implementing these guardrails to protect against similar vulnerabilities."}